Forwarded with permission from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com>
PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
Messaging Security for Small and Mid-sized Businesses
http://list.windowsitpro.com/t?ctl=4FC15:57B62BBB09A6927948DF73B48E1F7B69
Free White Paper: What's Missing from SEM?
http://list.windowsitpro.com/t?ctl=4FC2C:57B62BBB09A6927948DF73B48E1F7B69
Automatically fix links when you move files!
http://list.windowsitpro.com/t?ctl=4FC28:57B62BBB09A6927948DF73B48E1F7B69
=== CONTENTS ===================================================
IN FOCUS: Symantec's New Internet Security Threat Report
NEWS AND FEATURES
- New Firefox Versions Released to Fix FTP Vulnerability
- War Driving Goes Commercial
- Microsoft Admits to Xbox Support Slip-Ups
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: David LeBlanc Starts Blogging
- FAQ: Accessing Drives After Renaming Servers
- From the Forum: Vista's Security Features
- From the Forum: Vote for Your Favorite Host IPS
- Tell Us About the Products You Love!
- Share Your Security Tips
PRODUCTS
- Detect System Object and Registry Changes
RESOURCES AND EVENTS
FEATURED WHITE PAPER
ANNOUNCEMENTS
=== SPONSOR: Symantec ==========================================
Messaging Security for Small and Mid-sized Businesses
Did you know that 75% of corporate intellectual property resides in
email? The challenges facing this vital business application range from
spam to the costly impact of downtime and the need for effective,
centralized email storage systems. Join us for a free Web seminar and
learn the key features of a holistic approach to managing email
security, availability, and control. On-Demand Web Seminar.
http://list.windowsitpro.com/t?ctl=4FC15:57B62BBB09A6927948DF73B48E1F7B69
=== IN FOCUS: Symantec's New Internet Security Threat Report ===
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Security vendors often release reports based on their perspective of
current and future Internet-related security threats. The reports are
useful in learning what the vendor sees, which in turn can lead you to
your own widened perspective on potential problems.
Symantec recently released "Internet Security Threat Report, Trends for
July-December 2006." While the report is based on historical data, it
does lend some insight into the future.
According to the report, the latest trend for intruders is to use
medium-risk vulnerabilities as launch points to conduct future attacks.
Symantec said that intruders are more frequently using combined
vulnerabilities and that financial gain is often the motive.
The company said it bases its findings on a network of more than 40,000
sensors in more than 180 countries, more than 2 million decoy email
accounts, and information collected from its BugTraq mailing list.
Some interesting highlights from the report include the discovery that
of all the attacks that affected Web browsers, approximately 77 percent
were aimed at Microsoft Internet Explorer (IE). Ninety-three percent of
all attacks were aimed at home users.
Another interesting data point is that Symantec tracked over 5,200
Denial of Service (DoS) attacks per day. That's a lot! Interestingly
enough, the company said that figure dropped from last year when it
tracked more than 6,100 DoS attacks per day.
The company also documented more than 2,500 vulnerabilities; 66 percent
of them were related to Web applications, and 79 percent were "easily
exploitable."
Another interesting set of points are patch turnaround times for OSs.
Symantec measured five vendors: Microsoft, Sun Microsystems, Apple, HP,
and Red Hat. Of those five companies, Symantec found that Microsoft had
the fastest average turnaround time overall, Red Hat was second, HP was
third, Apple was fourth, and Sun was fifth.
The number of vulnerabilities measured for each vendor varied as did
the response time, when comparing the second half of 2006 with the
first half. For example, HP's average response time in the first half
of 2006 was 53 days for the seven vulnerabilities the company
disclosed. In the second half of 2006, HP's number of disclosed
vulnerabilities increased to 98 and the company's average response time
increased to 101 days.
Even though we'll most likely see fewer vulnerabilities in Vista than
we do in previous Windows platforms, I expect Microsoft's average
vulnerability response time will remain steady since it uses a monthly
patch release schedule.
Vista will no doubt affect the future reports of most any Windows-based
security vendor--Symantec certainly included. The report predicts that
third-party software developers could become the source of a
significant percentage of attacks against the OS.
That's just the tip of the iceberg of the information in Symantec's
104-page report. Other information includes trends regarding specific
types of attacks, what future trends might be, and a lot of detail
about some of the topics I covered briefly here. If you're interested
in reading the entire report, you can get a copy in PDF format at the
URL below:
http://list.windowsitpro.com/t?ctl=4FC12:57B62BBB09A6927948DF73B48E1F7B69
===
Vote in the Windows IT Pro 2007 Community Choice Awards!
Vote for your favorite products from the Buyer's Guides published in
Windows IT Pro during the past 12 months. The first three categories--
Host-Based Intrusion Prevention Systems, KVM over IP Switches, and
Ultra-Portable Laptops--are now open for voting on the Windows IT Pro
forums. We'll open three new categories each week for the next three
weeks, and voting will remain open for three weeks per category. To see
the list of products in each category and vote, follow these links:
Host-Based Intrusion Prevention Systems
http://list.windowsitpro.com/t?ctl=4FC16:57B62BBB09A6927948DF73B48E1F7B69
KVM over IP Switches
http://list.windowsitpro.com/t?ctl=4FC17:57B62BBB09A6927948DF73B48E1F7B69
Ultra-Portable Laptops
http://list.windowsitpro.com/t?ctl=4FC18:57B62BBB09A6927948DF73B48E1F7B69
=== SPONSOR: NetIQ =============================================
Free White Paper: What's Missing from SEM?
"What's Missing from SEM" examines what is required for a
comprehensive and integrated solution to meet all your security
management needs. This paper reveals the 12 critical questions to ask
of your security management system, and explains why it's time to move
beyond simple event management.
http://list.windowsitpro.com/t?ctl=4FC2C:57B62BBB09A6927948DF73B48E1F7B69
=== SECURITY NEWS AND FEATURES =================================
New Firefox Versions Released to Fix FTP Vulnerability
Mozilla Foundation released Firefox 2.0.0.3 and 1.5.0.11 to fix a
vulnerability in the FTP protocol that could allow an intruder to
perform a basic port scan of a user's internal network.
http://list.windowsitpro.com/t?ctl=4FC20:57B62BBB09A6927948DF73B48E1F7B69
War Driving Goes Commercial
Skyhook Wireless operates trucks that locate wireless APs in more
than 2,500 cities. The company can then locate people through their
connections to an AP and provide them various location-related
services.
http://list.windowsitpro.com/t?ctl=4FC21:57B62BBB09A6927948DF73B48E1F7B69
Microsoft Admits to Xbox Support Slip-Ups
While Microsoft was originally quick to dismiss recent rumors of a
security problem with its Xbox Live online service, the company now
says that though the service is technically sound, it appears that
staffers at Xbox support have been giving up users' personal
information to callers without properly verifying their identities.
Thus, some malicious users have indeed been able to subvert Xbox Live
accounts by using old-fashioned social engineering schemes.
http://list.windowsitpro.com/t?ctl=4FC25:57B62BBB09A6927948DF73B48E1F7B69
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=4FC1B:57B62BBB09A6927948DF73B48E1F7B69
=== SPONSOR: LinkTek ===========================================
Automatically fix links when you move files!
Patented LinkFixerPlus is the first application that automatically
fixes broken links in Excel, Word, Access, PowerPoint, Acrobat,
InDesign, PageMaker, AutoCAD and other files when performing data
migrations due to: server consolidations, server name changes, path
name changes or folder reorganizations! Detailed broken link reporting
too!
Download the FREE trial version NOW at
http://list.windowsitpro.com/t?ctl=4FC28:57B62BBB09A6927948DF73B48E1F7B69
=== GIVE AND TAKE ==============================================
SECURITY MATTERS BLOG: David LeBlanc Starts Blogging
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=4FC2A:57B62BBB09A6927948DF73B48E1F7B69
David LeBlanc--one of the first programmers at Internet Security
Systems (ISS) and now a security expert at Microsoft--is now blogging
on MSDN.
http://list.windowsitpro.com/t?ctl=4FC23:57B62BBB09A6927948DF73B48E1F7B69
FAQ: Accessing Drives After Renaming Servers
by John Savill, http://list.windowsitpro.com/t?ctl=4FC27:57B62BBB09A6927948DF73B48E1F7B69
Q: I've renamed servers using a special script but am now having
problems accessing disks via the Microsoft Management Console (MMC)
Disk Management snap-in. What's the problem?
Find the answer at
http://list.windowsitpro.com/t?ctl=4FC22:57B62BBB09A6927948DF73B48E1F7B69
FROM THE FORUM: Vista's Security Features
It seems like companies aren't in a rush to migrate to Windows
Vista. But what about all the new security features Vista offers?
Aren't they a draw to the new OS version? Which new security features
make you want to move right away, and which aren't so compelling?
http://list.windowsitpro.com/t?ctl=4FC14:57B62BBB09A6927948DF73B48E1F7B69
FROM THE FORUM: Vote for Your Favorite Host IPS
Help us pick the most popular products to win Windows IT Pro's 2007
Community Choice awards. Choose the best host-based IPS and tell us why
it gets your vote. You could win a $100 Amazon.com gift card. Join the
discussion at
http://list.windowsitpro.com/t?ctl=4FC13:57B62BBB09A6927948DF73B48E1F7B69
TELL US ABOUT THE PRODUCTS YOU LOVE!
What products are you using that save you time or make your workload
a little lighter? What hot product discoveries have you made that other
IT pros need to know about? Let the world know about your experiences
in Windows IT Pro's monthly What's Hot department. If we publish your
story in What's Hot, we'll send you a Best Buy gift card! Send
information about your favorite product and how it has helped you to
whatshot@private
SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@private If we print your submission,
you'll get $100. We edit submissions for style, grammar, and length.
=== PRODUCTS ===================================================
by Renee Munshi, products@private
Detect System Object and Registry Changes
Imperva announced the ADC Change Management Module for its
SecureSphere appliances. The module performs an initial assessment and
subsequently detects objects that are added to, changed on, or removed
from the system. It also detects changes in the registry and monitors
for files necessary for system operation. The ADC Change Management
Module complements SecureSphere's existing abilities, which are to
automate the complex processes required to produce compliance reports,
perform change control audits, and maintain secure database
configurations. The ADC Change Management Module is available
immediately for free for SecureSphere customers that subscribe to the
ADC security update service. For more information, go to
http://list.windowsitpro.com/t?ctl=4FC2F:57B62BBB09A6927948DF73B48E1F7B69
=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=4FC26:57B62BBB09A6927948DF73B48E1F7B69
Deploy Exchange Server 2007 Without a Hitch!
This one-day technical training event teaches you how to preempt
pitfalls and avoid corrupting your infrastructure. Learn how to
effectively install, manage, and secure Exchange Server 2007 in a 64-
bit environment. You'll also get a peek into the integration of
Outlook, SharePoint Server 2007, and Exchange Server 2007. Register
today!
http://list.windowsitpro.com/t?ctl=4FC1A:57B62BBB09A6927948DF73B48E1F7B69
Windows + UNIX/Linux = You Need TechX World!
If you work in an environment that includes Windows plus UNIX or
Linux, TechX World is the place to go for practical strategies and
resources to add to your toolkit. This one-day technical training event
will teach you how to make the most of open-source tools on Windows and
how to manage and sync multiple directories. Register today!
http://list.windowsitpro.com/t?ctl=4FC24:57B62BBB09A6927948DF73B48E1F7B69
Get Ready for the Windows Server Longhorn Roadshow!
Seize control of your Windows infrastructure with Microsoft's
biggest server release since Windows 2003. Get a live, under-the-hood
look at Longhorn virtualization, deployment, Web services, and
breakthroughs in core reliability. This one-day event is filled with
demonstrations and in-depth discussions designed for IT pros who want a
deep understanding of Windows Server Longhorn.
http://list.windowsitpro.com/t?ctl=4FC1E:57B62BBB09A6927948DF73B48E1F7B69
=== FEATURED WHITE PAPER =======================================
Devote your time, energy, and resources to serving your customers, not
your servers. Want to focus on high-value activities instead of
applying OS patches and updates, dealing with security vulnerabilities,
and managing disk drives? Download this free white paper now and find
out how you can have a business-class Web hosting solution with secure
application pooling to protect your data.
http://list.windowsitpro.com/t?ctl=4FC19:57B62BBB09A6927948DF73B48E1F7B69
=== ANNOUNCEMENTS ==============================================
Introducing a Unique Security Resource
Security Pro VIP is an online information center that delivers new
articles every week on topics such as perimeter security,
authentication, and system patches. Subscribers also receive tips,
cautionary advice, direct access to our editors, and a host of other
benefits! Order now at an exclusive charter rate and save up to $50!
http://list.windowsitpro.com/t?ctl=4FC1C:57B62BBB09A6927948DF73B48E1F7B69
Grab Your Share of the Spotlight!
Nominate yourself or a peer to become IT Pro of the Month. This is
your chance to get the recognition you deserve! Winners will receive
over $600 in IT resources and be featured in Windows IT Pro. It's easy
to enter--we're accepting May nominations now, but only for a limited
time! Submit your nomination today:
http://list.windowsitpro.com/t?ctl=4FC2B:57B62BBB09A6927948DF73B48E1F7B69
================================================================
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://list.windowsitpro.com/t?ctl=4FC29:57B62BBB09A6927948DF73B48E1F7B69http://list.windowsitpro.com/t?ctl=4FC2E:57B62BBB09A6927948DF73B48E1F7B69
Subscribe to Security UPDATE at
http://list.windowsitpro.com/t?ctl=4FC1F:57B62BBB09A6927948DF73B48E1F7B69
Be sure to add Security_UPDATE@private
to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- letters@private
About technical questions -- http://list.windowsitpro.com/t?ctl=4FC2D:57B62BBB09A6927948DF73B48E1F7B69
About your product news -- products@private
About your subscription -- windowsitproupdate@private
About sponsoring Security UPDATE -- salesopps@private
View the Windows IT Pro privacy policy at
http://list.windowsitpro.com/t?ctl=4FC1D:57B62BBB09A6927948DF73B48E1F7B69
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2007, Penton Media, Inc. All rights reserved.
_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org